Re: SMTP-SASL auth failure caching.

From: Victor Duchovni (Victor.DuchovniMorganStanley.com)
Date: Sun Dec 02 2007 - 21:40:04 CST


On Sun, Dec 02, 2007 at 10:05:09PM -0500, Wietse Venema wrote:

> > So the SASL code needs to use "proxymap" protocol directly, not
> > "proxy:..." tables, which always contacts the "real" proxymap.
>
> To access a single-writer auth_fail_map, use
> proxy:btree:/some/where/auth_fail_map a dedicated proxymap service,

While the delivery agent concurrency to a single destination is ideally
just "1" in this case, the process limit for the delivery agent may
well be significantly higher. Is it acceptable for all the smtp(8)
delivery agents to use a single proxymap(8) for all lookups in addition
to auth_fail cache updates?

If it is, the remaining obstacles are table permissions and how the new
table updating proxymap handles SIGTERM on "postfix stop". Do we do anything
special for these? The cloned proxymap needs to create new tables mode 0600
and change its process group to avoid untimely SIGTERM. Does the umask need
to be configurable?

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.